From 324848782b4c949ba0d179270c47869e8ee02301 Mon Sep 17 00:00:00 2001
From: "M. Thiercelin"
Date: Fri, 16 Sep 2022 17:22:45 +0200
Subject: [PATCH 1/2] Add example of library usage to README
---
 README.md | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 105 insertions(+)
diff --git a/README.md b/README.md
index b499e57..850b90b 100644
--- a/README.md
+++ b/README.md
@@ -64,3 +64,108 @@ go mod vendor
 [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto)
 [github.com/cronokirby/saferith](https://github.com/cronokirby/saferith)
+
+## Usage
+
+## SRP Client
+
+## Sign up
+```go
+
+bitLength := 2048
+
+password := ""
+
+salt := srp.RandomBytes(16)
+
+signedModulus := // provided and signed by the server, base64 encoded
+
+verifierGenerator, err := NewAuthForVerifier(password, signedModulus, salt)
+
+// check errors, abort sign up if it failed
+
+verifier, err := verifierGenerator.GenerateVerifier(bitLength)
+
+// check errors, abort sign up if it failed
+
+// send salt and verifier to server for sign up
+```
+
+## Log in
+
+```go
+
+bitLength := 2048
+
+username := "username"
+
+password := ""
+
+version, salt, signedModulus, serverEphemeral := // get login info from server, values are base64 encoded
+
+proofsGenerator, err := NewAuth(version, username, password, salt, signedModulus, serverEphemeral)
+
+// check errors, abort login if it failed
+
+proofs, err := proofsGenerator.GenerateProofs(bitLength)
+
+// check errors, abort login if it failed
+
+serverProof := // send proofs.ClientProof and proofs.ClientEphemeral to server, expect the serverProof in the response
+
+if !bytes.Equal(serverProof, proofs.ExpectedServerProof) {
+ // abort login
+}
+```
+
+## SRP Server
+
+the server side implementation is provided for testing purposes
+
+## Sign up
+```go
+
+bitLength := 2048
+
+signedModulus := // Hardcoded on the server, needs to be signed by proton
+
+// send signed modulus to the client
+
+salt, verifier := // get sign up values from the client
+
+version := 4
+
+// store (salt, verifier, version, modulus) as the login information for the newly created account
+
+```
+
+## Log in
+
+```go
+
+bitLength := 2048
+
+username := // get a login request for a given username
+
+salt, verifier, version, modulus := // retrieve the login information from the sign up
+
+loginServer, err := NewServerFromSigned(modulus, verifier, bitLength)
+
+// check errors, abort login if it failed
+
+serverEphemeral, err := loginServer.GenerateChallenge()
+
+// check errors, abort login if it failed
+
+// reply to the request with salt, version, modulus, serverEphemeral
+
+clientEphemeral, clientProof := // get a login proof from the client
+
+serverProof, err := loginServer.VerifyProofs(clientEphemeral, clientProof)
+
+// check errors, abort login if it failed
+
+// send back serverProof to the client
+
+// user is logged in
+```
\ No newline at end of file
From 1b37b11e47427885d4bca9c4e9acc5b6191ad424 Mon Sep 17 00:00:00 2001
From: "M. Thiercelin"
Date: Fri, 16 Sep 2022 17:26:57 +0200
Subject: [PATCH 2/2] Fix titles
---
 README.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index 850b90b..8d150cb 100644
--- a/README.md
+++ b/README.md
@@ -67,9 +67,9 @@ go mod vendor
 ## Usage
-## SRP Client
+### SRP Client
-## Sign up
+#### Sign up
 ```go
 bitLength := 2048
@@ -91,7 +91,7 @@ verifier, err := verifierGenerator.GenerateVerifier(bitLength)
 // send salt and verifier to server for sign up
 ```
-## Log in
+#### Log in
 ```go
@@ -118,11 +118,11 @@ if !bytes.Equal(serverProof, proofs.ExpectedServerProof) {
 }
 ```
-## SRP Server
+### SRP Server
 the server side implementation is provided for testing purposes
-## Sign up
+#### Sign up
 ```go
 bitLength := 2048
@@ -139,7 +139,7 @@ version := 4
 ```
-## Log in
+#### Log in
 ```go